[原文]Unspecified vulnerability in the TFTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51), when configured to use a directory path name that contains a space character, allows remote authenticated users to read and overwrite arbitrary files via unspecified vectors.
Cisco Wireless Control System (WCS) TFTP Server Unspecified File Manipulation
Remote / Network Access,
Loss of Integrity
Wireless Control System contains an unspecified flaw that may allow a malicious user to read and write arbitrary files if the path chosen for the root of the TFTP server contains a space. It is possible that the flaw may allow arbitrary file manipulation by a remote attacker resulting in a loss of integrity.
Upgrade to version 3.2(63) or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.